PerimeterX Code Defender™

Stop digital skimming and Magecart attacks

PerimeterX Code Defender is a client-side application security solution that protects your website from digital skimming, formjacking and Magecart attacks by detecting vulnerable scripts, suspicious PII access and data leakage.

Read the Whitepaper
PerimeterX Code Defender

Reduce Risk of Data Breaches

Detect and prevent digital skimming and Magecart attacks. Ensure compliance with data privacy regulations like GDPR and CCPA. Protect your brand reputation.


Improve Operational Efficiency

Enable innovation at digital speed. Streamline DevOps and DevSecOps workflows. Minimize process overhead.

Read the Product Brief
Case Study

We wanted to find the anomalies and changes in our client-side scripts. The Code Defender behavioral analysis solution greatly simplifies this process.

Lee TarverSr. Manager, Security Architecture and Engineering, Sally Beauty
Read Case Study

Why PerimeterX

Investigate, Analyze and Mitigate

Code Defender provides advanced reporting, analysis and investigation capabilities, enabling customization of thresholds and policies that map to your business needs. All of the script’s actions - interaction with the document object model (DOM), network activity and storage triggers - are captured and visualized on an intuitive timeline chart within the analyzer Code Defender dashboard. Granular details paired with the exact script activity that triggers the incident classification enables you to get a speedy resolution for security issues originating from your third-party vendors.

The machine-learning-based PerimeterX Detector processes numerous data signals collected by the PerimeterX Sensor. The Detector generates behavioral fingerprints to detect anomalies and continuously updates the sensor with new intelligence.

Full Visibility and Control

Code Defender gives you real-time visibility into first- third- and Nth-party scripts running on your website. It detects unauthorized PII access, data exfiltration events and known script vulnerabilities to protect your website against supply chain attacks, first-party compromises and zero-day vulnerabilities.

Behavior-based Learning

Code Defender uses advanced machine learning models that automatically learn, inventory and baseline all script activity on your web pages. This eliminates the need to manually inventory your website scripts and pre-configure policies, thus saving time and resources. Code Defender generates prioritized alerts on suspicious script activities, enabling you to mitigate digital skimming and Magecart attacks in real time.

Easy to Deploy

Code Defender uses a lightweight JavaScript Sensor that can be quickly and easily integrated into your web pages. It does not require any architectural changes to your website or content delivery network (CDN), enabling you to gain client-side visibility and protection without operational disruption.

Preserve User Experience

Code Defender is built to preserve your user experience and page load performance. The asynchronous execution of the JavaScript Sensor and out-of-band deployment ensure quick response times and a positive experience for your users.

Threat Research Leadership

The PerimeterX research team conducts proactive research into new and existing digital skimming and Magecart threats to identify vulnerable scripts, malicious domains and novel attack techniques. This research is used to continuously improve Code Defender detection and to provide actionable context on alerts. Read the PerimeterX blog for the latest updates from our research team.

Enterprise Level Customer Services

Our 24/7/365 proactive security team is always available via multiple channels to help you investigate security incidents, provide actionable insights and function as an extension of your team. Our team analyzes alerts from Code Defender as they occur, enabling you to quickly investigate and mitigate client-side attacks.

Powered by the PerimeterX Platform

The PerimeterX Platform is a set of cloud-native infrastructure and services that powers an award-winning suite of application protection solutions. PerimeterX Bot Defender, PerimeterX Code Defender and PerimeterX Page Defender protect online businesses against automated attacks and client-side threats. By using a single, easy to deploy client-side Sensor along with a cloud-based Detector and an Enforcer that integrates with a wide range of server side and edge technologies, you can preserve your existing architecture without impacting user experience. The intuitive Portal enables your operations team to investigate and mitigate multiple threats and greatly improves their operational efficiency.

How Code Defender Works

  • Collect

    The PerimeterX Sensor collects activity signals from the client-side browser including interactions with the DOM, network domains and local storage. This information is sent to the cloud-based Detector for analysis. The Sensor does not collect any personal data from the browser.

  • Analyze

    The cloud-based Detector analyzes the client-side activity signals using advanced machine learning models to build a baseline profile for every first-, third- and Nth-party script running on the web page. The Detector flags any changes in script behavior or execution of new scripts and automatically generates alerts.

  • Mitigate

    The web-based Portal includes a dashboard with prioritized incidents, a complete script inventory and an analyzer that provides detailed information about a script’s activities visualized on an intuitive timeline. The prioritized incidents include actionable recommendations based on our threat research that empower you to mitigate digital skimming and Magecart attacks without disrupting your business.

© PerimeterX, Inc. All rights reserved.